Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

UBUNTU: 2022:1234-2 Critical: OpenSSL Memory Leak Patch

suse
Calendar Grey August 26, 2022
Dist Suse Esm H88
SUSE Security Alert: Resolves 5 issues in gstreamer-plugins-bad under Advisory ID SUSE-SU-2022:2922-1.
An update that fixes 7 vulnerabilities is now available

Summary

This update for gstreamer-plugins-good fixes the following issues: - CVE-2022-1920: Fixed integer overflow in WavPack header handling code (bsc#1201688). - CVE-2022-1921: Fixed integer overflow resulting in heap corruption in avidemux element (bsc#1201693). - CVE-2022-1922: Fixed integer overflows in mkv demuxing (bsc#1201702). - CVE-2022-1923: Fixed integer overflows in mkv demuxing using bzip (bsc#1201704). - CVE-2022-1924: Fixed integer overflows in mkv demuxing using lzo (bsc#1201706). - CVE-2022-1925: Fixed integer overflows in mkv demuxing using HEADERSTRIP (bsc#1201707). - CVE-2022-2122: Fixed integer overflows in qtdemux using zlib (bsc#1201708). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods

Topics%20covered

Topics Covered

security advisory update critical integer overflow SUSE gstreamer patch instructions

References

#1201688 #1201693 #1201702 #1201704 #1201706

#1201707 #1201708

Cross- CVE-2022-1920 CVE-2022-1921 CVE-2022-1922

CVE-2022-1923 CVE-2022-1924 CVE-2022-1925

CVE-2022-2122

CVSS scores:

CVE-2022-1920 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVE-2022-1920 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

CVE-2022-1921 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVE-2022-1921 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

CVE-2022-1922 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVE-2022-1922 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H

CVE-2022-1923 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVE-2022-1923 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2022:2911-1
Rating: important

Topics%20covered

Topics Covered

security advisory update critical integer overflow SUSE gstreamer patch instructions

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here